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WHAT IS CLAIMED IS: 

1 . In a computer network arrangement comprising a home network having at least 
one home network server and a firewall for protecting said home network server, a relay 
5 server outside of said home network, and a client having a permanent IP address within said 
home network, a method for maintaining secure communications between the home network 
server and the client when said client roams outside of said home network to a new location, 
said method comprising: 

establishing a new IP address for the new client location; 
1 0 sending a registration message to said relay server identifying said new IP address 

location; 

authenticating said registration message; 

encapsulating and transmitting said registration message to said home server; 
registering said new IP address as a care-of-address for said client at said home 

15 server; 

confirming the registration of said new IP address with said client; 
establishing a security association between said home server and said relay server on 
behalf of said client; 

performing network address translation between the client's permanent IP address and 
20 the client's new IP address; 

tunneling packets addressed for said client between said home server and said relay 
server based on the established security association and said address translation for said 
client; and 

decapsulating said packets at said relay server and forwarding said packets to said 
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client. 

2. The method of claim 1, wherein said home network further comprises a 
multiplexer subsystem. 

3. The method of claim 1, wherein at least a portion of the communications from said 
5 client to said home server are in HTTP Request-format. 

4. The method of claim 3, wherein at least a portion of the communications from said 
home server to said client are in HTTP Response-format. 

5. The method of claim 4, wherein at least a portion of the communications from said 
client to said home server are encapsulated in UDP packets. 

10 6. The method of claim 5, wherein at least a portion of the communications from said 

home server to said client are encapsulated in UDP packets. 

7. The method of claim 1, wherein said method further comprises the step of: 

providing a network gateway, wherein said network gateway operates to tunnel packets 

through said firewall to said home server. 
15 8. The method of claim 7, wherein said network gateway is a Virtual Private Network 

gateway. 

9. In a computer network arrangement comprising a home network having at least 
one home network server and a firewall for protecting said home network server, a relay 
server outside of said home network, and a client having a permanent IP address within said 
20 home network, a method for maintaining secure communications between the home network 
server and the client when said client roams outside of said home network to a new location, 
said method comprising: 

establishing a new IP address for the new client location; 
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sending a registration message to said home server identifying said new IP address 
location; 

encapsulating and transmitting said registration message to said home server; 
registering said new IP address as a care-of-address for said client at said home 

server; 

confirming the registration of said new IP address with said client; 

establishing a security association between said home server and said client; 

performing network address translation between the client's permanent IP address and 
the client's new IP address; and 

tunneling packets addressed for said client between said home server and said client 
based on the established security association and said address translation for said client. 

10. The method of claim 9, wherein said home network further comprises a 
multiplexer subsystem. 

1 1 . The method of claim 9, wherein at least a portion of the communications from 
said client to said home server are in HTTP Request-format. 

12. The method of claim 1 1 , wherein at least a portion of the communications from 
said home server to said client are in HTTP Response-format. 

13. The method of claim 12, wherein at least a portion of the communications from 
said client to said home server are encapsulated in UDP packets by said multiplexer 
subsystem. 

14. The method of claim 13, wherein at least a portion of the communications from 
said home server to said client are encapsulated in UDP packets by said multiplexer 
subsystem. 
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1 5 . The method of claim 9, wherein said method further comprises the step of: 
providing a network gateway, wherein said network gateway operates to tunnel packets 
through said firewall to said home server. 

16. The method of claim 1 5, wherein said network gateway is a Virtual Private 
5 Network gateway. 

17. A system for maintaining secure communications for a client having a permanent 
IP address within a home network system and a temporary, care-of IP address when roaming 
outside of said home network system, said system comprising: 

a home network server, wherein said home network server authenticates messages 
„ 1 0 received from clients roaming outside of said home network system and performs network 

address translation between the client's permanent IP address client and the client's registered 
care-of IP address, further wherein said home network server encapsulates and retransmits 
messages addressed to said client's permanent IP address to the client's registered care-of IP 
address; 

1 5 a relay server, said relay server located outside of said home network, wherein said 

relay server tunnels messages between said home network server and said client; and 

a multiplexer subsystem, wherein said multiplexer subsystem is comprised of a HTTP 
server, and a multiplexer module. 

18. A method for communicating between a roaming client and a home server 
20 wherein at least one of either the client or the home server is protected by a firewall, said 

method comprising: 

generating a first message in HTTP Request-format, 

transmitting said first message in HTTP Request-format through said firewall; 
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processing said first message, wherein said first message is encapsulated in UDP 
packets and forwarded to its intended recipient; 

generating a second message in response to said first message, wherein said second 
message is encapsulated in UDP packets; 
5 translating said second message into HTTP Response-Format; 

transmitting said second message to its intended recipient. 

19. The method of claim 1, wherein, said method further comprises the steps of: 
generating a first message in HTTP Request-format, 

transmitting said first message in HTTP Request-format through said firewall; 
10 processing said first message, wherein said first message is encapsulated in UDP 

packets and forwarded to its intended recipient; 

generating a second message in response to said first message, wherein said second 
message is encapsulated in UDP packets; 

translating said second message into HTTP Response-Format; and 
1 5 transmitting said second message to its intended recipient 

20. The method of claim 9, wherein, said method further comprises the steps of: 
generating a first message in HTTP Request-format, 

transmitting said first message in HTTP Request-format through said firewall; 
processing said first message, wherein said first message is encapsulated in UDP 
20 packets and forwarded to its intended recipient; 

generating a second message in response to said first message, wherein said second 
message is encapsulated in UDP packets; 

translating said second message into HTTP Response-Format; and 
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transmitting said second message to its intended recipient 



